<?
// Start (or resume) the PHP session before anything else in the script runs.
session_start();
// Project bootstrap files. `include` only raises a warning when a file is missing and
// the script keeps running; NOTE(review): for files the checks below rely on
// (connect.php, class.req.php), `require_once` would stop the request instead of
// continuing half-initialised.
include("../data/connect.php");
include("../data/_uconfig.php");
include("../_class/lang.php");
// The language file name is built from $iscon["getlang"]. Where that value comes from
// is not visible in this file (presumably one of the includes above sets it).
// NOTE(review): confirm it can never be influenced by a request; if it can, map it
// through a fixed list of known language codes before building the include path.
include("../_class/lang_".$iscon["getlang"].".php");
include("../_class/_func.php");
include("../_class/class.global.php");
include("../_class/class.req.php");
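/**
 * Screen a piece of submitted text against the advertising block list.
 *
 * The block list is read from ../data/ad.dat, one entry per line. Each entry is
 * applied as a case-sensitive regular expression, which is how the original ereg()
 * call treated it. ereg()/eregi_replace() were removed in PHP 7, so the function now
 * uses str_replace() and preg_match() and no longer aborts the request with a fatal
 * error on current PHP versions.
 *
 * @param string $data Submitted text (may still contain slashes, tags and line breaks).
 * @return true|null   true when any block-list entry matches; null when nothing matches,
 *                     when the list file is missing or unreadable, or when the text is
 *                     empty after cleaning. Callers only test the result for truthiness.
 */
function checkad($data){
    $path = "../data/ad.dat";
    if (!file_exists($path)) return null;

    // Normalise the text the same way the original did: unslash, drop tags, then
    // remove line breaks so an entry cannot be dodged by splitting it across lines.
    $data = strip_tags(stripslashes($data));
    $data = str_replace(array("\r", "\n"), "", $data);
    if (!$data) return null;

    $lines = file($path);
    if ($lines === false) return null;

    foreach ($lines as $line) {
        $entry = trim($line);
        // A blank line is not a rule; skipping it avoids compiling an empty pattern.
        if ($entry === "") continue;

        // Entries keep their regular-expression meaning; only the delimiter is escaped.
        $pattern = "~" . str_replace("~", "\\~", $entry) . "~";
        $hit = preg_match($pattern, $data);
        if ($hit === 1) return true;

        // An entry that is not a valid pattern still screens as a literal substring,
        // so one malformed line in the list does not silently disable that rule.
        if ($hit === false && strpos($data, $entry) !== false) return true;
    }
    return null;
}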
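/**
 * Tell whether a Referer URL points at this site's own host.
 *
 * The host is extracted with parse_url() and compared for equality (case-insensitive,
 * ignoring a ":port" suffix on the Host header). The previous check used the Host
 * header as an ereg() pattern against the whole Referer string, so it also accepted
 * any URL that merely contained the host name somewhere in its path or query string,
 * and ereg() itself no longer exists on PHP 7+.
 *
 * @param mixed $referer Value of the Referer header.
 * @param mixed $host    Value of the Host header.
 * @return bool          true only when both are strings and the hosts are equal.
 */
function infoboard_same_host_referer($referer, $host){
    if (!is_string($referer) || !is_string($host) || $host === "") return false;
    $refhost = parse_url($referer, PHP_URL_HOST);
    if (!is_string($refhost) || $refhost === "") return false;
    $selfhost = preg_replace('/:\d+$/', '', $host);
    return strcasecmp($refhost, $selfhost) === 0;
}

// Reject posts whose Referer names another host.
// A request that sends no Referer at all is still let through, exactly as before, so
// this is a courtesy filter and not a cross-site request forgery defence.
// NOTE(review): state-changing posts should additionally carry a per-session token
// that is verified server-side.
$ref = isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : null;
if ($ref !== null) {
    if (!infoboard_same_host_referer($ref, isset($_SERVER["HTTP_HOST"]) ? $_SERVER["HTTP_HOST"] : "")) {
        echo "Security!!";
        exit();
    }
}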
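// Request set-up: create the board helper, run its session/connection steps, record
// the client address and timestamp, then read the form fields.
$infoboard = new req_infoboard();
$infoboard->checksess();
$infoboard->isconnect();
$iscon["ip"] = $infoboard->isip();
$date = date("YmdHis", time());

$action = isset($_POST["action"]) ? $_POST["action"] : "";
$cat = isset($_POST["gid"]) ? $_POST["gid"] : "";
if (empty($cat)) refback($iscon["lang"][116]);

// Defaults: post is visible, picture is visible.
$active = 1;
$activeimg = 1;

// Board policy values as sent by the form. They are cast to int because they are only
// used in numeric comparisons, and because $checkpic is copied into $activeimg, which
// later goes into an SQL statement; the cast removes that injection path and the
// "undefined index" warnings for absent fields.
//
// NOTE(review): these values decide who may post (_qlevel/_alevel) and whether a post
// is held back (_checkq/_checka/_checkpic), yet they are taken from the request body,
// so the client can choose them freely. They should be loaded server-side for the
// board identified by $cat instead of being trusted from the form.
$qlevel    = isset($_POST["_qlevel"])    ? (int)$_POST["_qlevel"]    : 0;
$alevel    = isset($_POST["_alevel"])    ? (int)$_POST["_alevel"]    : 0;
$readlevel = isset($_POST["_readlevel"]) ? (int)$_POST["_readlevel"] : 0;
$checkq    = isset($_POST["_checkq"])    ? (int)$_POST["_checkq"]    : 0;
$checka    = isset($_POST["_checka"])    ? (int)$_POST["_checka"]    : 0;
$checkpic  = isset($_POST["_checkpic"])  ? (int)$_POST["_checkpic"]  : 0;

// Handed unchanged to the upload helpers later; its meaning is not visible here, so it
// is left uncast. NOTE(review): this too is a client-supplied value.
$uppic = isset($_POST["_uppic"]) ? $_POST["_uppic"] : 0;

if ($checkpic > 0) $activeimg = $checkpic;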
// Posting-permission gate.
// "boardq" is checked against the question settings ($qlevel / $checkq); every other
// action is checked against the answer settings ($alevel / $checka).
//  - a visitor who is neither a logged-in user nor an admin is sent back when the
//    required level is above 0;
//  - for anyone who is not an admin, a positive "check" setting clears $active.
// NOTE(review): $qlevel, $alevel, $checkq and $checka were read from $_POST earlier in
// this script, so these conditions currently depend on values the client supplies.
// NOTE(review): the gate only works if refback() ends the request — confirm.
switch ($action) {
    case "boardq":
        if (!$iscon["iduser"] && !$iscon["idadmin"] && $qlevel > 0) {
            refback($iscon["lang"][42]);
        }
        if (!$iscon["idadmin"] && $checkq > 0) {
            $active = 0;
        }
        break;
    default:
        if (!$iscon["iduser"] && !$iscon["idadmin"] && $alevel > 0) {
            refback($iscon["lang"][42]);
        }
        if (!$iscon["idadmin"] && $checka > 0) {
            $active = 0;
        }
}
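// Work out who is posting: level 1 = logged-in user, level 2 = admin, level 0 = guest.
// NOTE(review): the permission gate above tests $iscon["iduser"] / $iscon["idadmin"],
// while this block tests $iscon["user"] / $iscon["admin"]; confirm the two pairs are
// always set together.
if ($iscon["user"]) {
    $level = 1;
    $userid = $iscon["iduser"];
    $name = $iscon["user"];
} elseif ($iscon["admin"]) {
    $level = 2;
    $userid = $iscon["idadmin"];
    $name = $iscon["admin"];
    // Admin posts are never held back, whatever the earlier checks decided.
    $active = 1;
    $activeimg = 1;
} else {
    $level = 0;
    $userid = 0;
    // Guest name comes from the form. A missing or non-string field counts as empty,
    // and surrounding whitespace is trimmed so a blank-only name is rejected as well.
    // NOTE(review): the name is stored as typed (only slash-escaped for SQL later in
    // this script), so it must be HTML-escaped wherever it is displayed.
    $name = (isset($_POST["name"]) && is_string($_POST["name"])) ? trim($_POST["name"]) : "";
    if (empty($name)) refback($iscon["lang"][94]);
}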
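// Picture defaults; they stay empty unless the upload step later fills them.
$picformat = 1;
$picname = "";
$piccover = "";
$ext = "";

// Embed-code fields. Both are initialised even when absent from the form, because
// $incode is read again further down the script; previously it was left undefined.
$incode = isset($_POST["inputcode"]) ? $_POST["inputcode"] : "";
$precode = isset($_POST["previewcode"]) ? $_POST["previewcode"] : "";
$code = "";

// Embed code is accepted when the poster's level is above 0, or when the
// $iscon["public_code"] setting is truthy, in which case that setting is used instead.
$codeinput = $level;
if ($iscon["public_code"]) $codeinput = $iscon["public_code"];

if ($codeinput > 0) {
    if (trim($incode)) {
        // NOTE(review): $incode is copied into $code without any filtering in this
        // block. Confirm it is escaped or sanitised wherever it is rendered.
        $code = $incode;
    } elseif (trim($precode)) {
        $precode = $infoboard->removescript1($precode);
        $precode = $infoboard->removescript2($precode);
        // strpos() replaces ereg(), which was removed in PHP 7; the test is unchanged:
        // a case-sensitive search for "youtube" anywhere in the text.
        // NOTE(review): this is a substring test, so it does not establish that the
        // markup only references that site; the protection rests on removescript1/2.
        if (strpos($precode, "youtube") !== false) $code = $precode;
    }
}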
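// Upload mode selector (compared against 1 and 2 further down).
$upformat = isset($_POST["upformat"]) ? $_POST["upformat"] : 0;

// Border colour: drop "#" as before, then accept only letters and digits. The value is
// placed into an SQL statement later in this script, so anything else falls back to
// the default colour.
$border = "CCCCCC";
if (isset($_POST["border"]) && is_string($_POST["border"])) {
    $border = str_replace("#", "", $_POST["border"]);
    if (!preg_match('/^[0-9A-Za-z]{0,20}\z/', $border)) $border = "CCCCCC";
}

// Message body: project filters first, then the empty check and the bad-word filter.
$detail = isset($_POST["_detail"]) ? $_POST["_detail"] : "";
$detail = $infoboard->removetag1($detail);
$detail = $infoboard->removetag2($detail);
if (!$infoboard->emptydetail($detail)) refback($iscon["lang"][118]);
$detail = $infoboard->badword($detail);

// str_ireplace() stands in for eregi_replace() (removed in PHP 7). With identical
// search and replacement text the only effect is to lower-case the tag, as before.
$detail = str_ireplace("<br />", "<br />", $detail);

// NOTE(review): strip_tags() keeps every attribute on the tags it allows, so <a>,
// <img> and <font> can still carry event-handler attributes or script-scheme URLs
// unless removetag1()/removetag2() remove them — confirm, or switch to an
// attribute-aware HTML sanitiser.
// NOTE(review): the PHP manual says self-closing forms in the allowed list are
// ignored; if line breaks or rules go missing, list them as <hr> and <br>.
$detail = strip_tags($detail, '<p><a><img><font><strong><em><u><hr /><ol><li><ul><blockquote><br />');
$detail = str_ireplace("<br />", "<br />", $detail);

// A block-list hit hides the post and sets the $ad marker.
$ad = "";
if (checkad($detail)) {
    $active = 0;
    $ad = 1;
}

// Icon substitution is applied to the unslashed text.
$counticon = $infoboard->isread("../data/icon.dat");
$detail = $infoboard->geticon(stripslashes($detail), $counticon);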
// Picture upload.
// The stored base name is a 0-999 random number followed by the Unix timestamp.
// NOTE(review): that name is guessable and two uploads in the same second can
// collide; consider a longer random component.
$temp = rand(0, 999) . time();

// Mode 1 and mode 2 use different upload helpers; any other value skips the upload.
// NOTE(review): $ext is whatever up1()/up2() return and ends up in the stored file
// name and in SQL. Confirm the helpers check the file's real type and return the
// extension from a fixed allowlist.
switch ($upformat) {
    case 1:
        $ext = $infoboard->up1($temp, $uppic);
        $picformat = 1;
        break;
    case 2:
        $ext = $infoboard->up2($temp, $uppic);
        $picformat = 2;
        break;
}

// A non-empty extension means a file was accepted.
if ($ext) {
    $picname = $temp;
    $piccover = $picname . "." . $ext;
}
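// Store the post.
//   boardq: new topic  -> _infoboardq
//   boarda: answer     -> _infoboarda, then updates the topic row
//   boardi: inserted comment on a topic or answer -> _infoboardi, then updates the topic row
//
// Security changes in this block:
//  - every request-derived value placed into an SQL string is now either cast to int
//    (ids and flags) or passed through addslashes(), the escaping this file already
//    used for topic/detail/code/name. Before, $cat, $border, the align field, $lock,
//    $stick, $qid, $aid, $pnext, $activeimg, $piccover and $ext were concatenated raw.
//  - absent form fields no longer raise "undefined index/variable" warnings.
// NOTE(review): addslashes() is only a stop-gap; the statements should move to
// prepared/parameterised queries inside tbinsert()/tbupdate().
// NOTE(review): $qid and $aid are cast to int because the _cid values used here come
// from tbinsert() results; $page is cast on the assumption that it is a page number —
// confirm. $pnext is escaped but not cast.
// NOTE(review): $cat, $page and $pnext are also placed into the redirect URL; confirm
// refurl() encodes them for the context it writes them into.
// NOTE(review): each branch continues to the final refurl() unless refurl() itself
// ends the request — confirm.
$align = isset($_POST["align"]) ? $_POST["align"] : "";

switch ($action) {
    case "boardq":
        $topic = isset($_POST["topic"]) ? $_POST["topic"] : "";
        if (strlen($topic) <= 5) refback($iscon["lang"][119]);
        $topic = htmlspecialchars(strip_tags($topic));
        if (!$topic) refback($iscon["lang"][120]);
        if (checkad($topic)) {
            $active = 0;
            $ad = 1;
        }
        // NOTE(review): _stick and _lock are accepted from any poster, guests included.
        // If pinning or locking is meant to be a moderator action, gate it on $level.
        $stick = isset($_POST["_stick"]) ? (int)$_POST["_stick"] : 0;
        $lock = isset($_POST["_lock"]) ? (int)$_POST["_lock"] : 0;
        $page = $infoboard->tbcount($cat);
        $fieldname="
_cat,
_page,
_topic,
_detail,
_code,
_name,
_ip,
_border,
_align,
_lock,
_level,
_userid,
_stick,
_pic,
_piccover,
_coverformat,
_ext,
_picformat,
_activeimg,
_active,
_time
";
        $fieldvalue="
'".addslashes($cat)."',
'".$page."',
'".addslashes($topic)."',
'".addslashes($detail)."',
'".addslashes($code)."',
'".addslashes($name)."',
'".addslashes($iscon["ip"])."',
'".addslashes($border)."',
'".addslashes($align)."',
'".$lock."',
'".$level."',
'".$userid."',
'".$stick."',
'".addslashes($picname)."',
'".addslashes($piccover)."',
'".$picformat."',
'".addslashes($ext)."',
'".$picformat."',
'".(int)$activeimg."',
'".$active."',
'".$date."'
";
        if ($qid = $infoboard->tbinsert("_infoboardq", $fieldname, $fieldvalue)) {
            if (isset($incode) && trim($incode)) $infoboard->codewrite($qid, 1, $incode);
            // Registered users get their post counter and points updated.
            if ($level == 1 && $userid > 0) {
                $infoboard->tbupdate("_user", "_post=_post+1", "_cid", $userid);
                $infoboard->writepoint($iscon["user"]);
            }
            if ($picname && $activeimg == 2) {
                $infoboard->unproof("improof", $cat, $page, 1, $qid);
            }
            if ($active == 0) {
                // Hidden post: register it with unproof() and return to the group page.
                $infoboard->unproof("unproof", $cat, $page, 1, $qid);
                refurl($iscon["lang"][117], "../".$infoboard->txtmod()."group".$iscon["_s"].$cat.$iscon["_s"]."0".$iscon["_s"]."1".$infoboard->extmod());
            } elseif ($ad) {
                refurl($iscon["lang"][157], "../".$infoboard->txtmod()."group".$iscon["_s"].$cat.$iscon["_s"]."0".$iscon["_s"]."1".$infoboard->extmod());
            } else {
                $infoboard->savecache($cat, $page);
                refurl($iscon["lang"][105], "../".$infoboard->txtmod()."group".$iscon["_s"].$cat.$iscon["_s"]."0".$iscon["_s"]."1".$infoboard->extmod());
            }
        }
        break;

    case "boarda":
        // NOTE(review): nothing in this branch verifies that topic $qid exists, belongs
        // to $cat, or is unlocked before the answer is inserted.
        $qid = isset($_POST["qid"]) ? (int)$_POST["qid"] : 0;
        $page = isset($_POST["page"]) ? (int)$_POST["page"] : 0;
        $fieldname="
_qid,
_cat,
_detail,
_code,
_name,
_ip,
_border,
_align,
_level,
_userid,
_pic,
_ext,
_picformat,
_activeimg,
_active,
_time
";
        $fieldvalue="
'".$qid."',
'".addslashes($cat)."',
'".addslashes($detail)."',
'".addslashes($code)."',
'".addslashes($name)."',
'".addslashes($iscon["ip"])."',
'".addslashes($border)."',
'".addslashes($align)."',
'".$level."',
'".$userid."',
'".addslashes($picname)."',
'".addslashes($ext)."',
'".$picformat."',
'".(int)$activeimg."',
'".$active."',
'".$date."'
";
        if ($aid = $infoboard->tbinsert("_infoboarda", $fieldname, $fieldvalue)) {
            if ($level == 1 && $userid > 0) {
                $infoboard->tbupdate("_user", "_post=_post+1", "_cid", $userid);
                $infoboard->writepoint($iscon["user"]);
            }
            if ($picname && $activeimg == 2) {
                $infoboard->unproof("improof", $cat, $page, 2, $aid);
            }
            if (isset($incode) && trim($incode)) $infoboard->codewrite($aid, 2, $incode);
            if ($active == 0) {
                $infoboard->unproof("unproof", $cat, $page, 2, $aid);
                refurl($iscon["lang"][117], "../".$infoboard->txtmod()."group".$iscon["_s"].$cat.$iscon["_s"]."0".$iscon["_s"]."1".$infoboard->extmod());
            } elseif ($ad) {
                refurl($iscon["lang"][157], "../".$infoboard->txtmod()."group".$iscon["_s"].$cat.$iscon["_s"]."0".$iscon["_s"]."1".$infoboard->extmod());
            } else {
                // Visible answer: bump the reply counter and last-answer fields on the topic.
                if ($piccover) $spic="_piccover='".addslashes($piccover)."', _coverformat='".$picformat."',"; else $spic="";
                $fieldupdate="
_reply=_reply+1,
_ansname='".addslashes($name)."',
_anslevel='".$level."',
_ansuid='".$userid."',
_save='1',
$spic
_update='".$date."'
";
                if ($infoboard->tbupdate("_infoboardq", $fieldupdate, "_cid", $qid)) {
                    $infoboard->savecache($cat, $page);
                    $rid = $infoboard->ridpage($cat, $page);
                    refurl($iscon["lang"][105], "../".$infoboard->txtmod()."topic".$iscon["_s"].$cat.$iscon["_s"].$page.$iscon["_s"].$rid.$infoboard->extmod());
                }
            } //active
        } //aid
        break;

    case "boardi":
        $qid = isset($_POST["qid"]) ? (int)$_POST["qid"] : 0;
        $aid = isset($_POST["aid"]) ? (int)$_POST["aid"] : 0;
        $page = isset($_POST["page"]) ? (int)$_POST["page"] : 0;
        $req = isset($_POST["req"]) ? $_POST["req"] : "";
        $pnext = isset($_POST["pnext"]) ? $_POST["pnext"] : "";
        // req "3" selects target 1; anything else selects target 2.
        if ($req == "3") {
            $qtarget = 1;
        } else {
            $qtarget = 2;
        }
        $fieldname="
_target,
_qid,
_aid,
_cat,
_detail,
_code,
_name,
_ip,
_level,
_userid,
_pic,
_ext,
_picformat,
_activeimg,
_active,
_time
";
        $fieldvalue="
'".$qtarget."',
'".$qid."',
'".$aid."',
'".addslashes($cat)."',
'".addslashes($detail)."',
'".addslashes($code)."',
'".addslashes($name)."',
'".addslashes($iscon["ip"])."',
'".$level."',
'".$userid."',
'".addslashes($picname)."',
'".addslashes($ext)."',
'".$picformat."',
'".(int)$activeimg."',
'".$active."',
'".$date."'
";
        if ($xid = $infoboard->tbinsert("_infoboardi", $fieldname, $fieldvalue)) {
            if ($level == 1 && $userid > 0) {
                $infoboard->tbupdate("_user", "_post=_post+1", "_cid", $userid);
                $infoboard->writepoint($iscon["user"]);
            }
            if ($picname && $activeimg == 2) {
                $infoboard->unproof("improof", $cat, $page, 3, $xid);
            }
            if (isset($incode) && trim($incode)) $infoboard->codewrite($xid, 3, $incode);
            if ($active == 0) {
                $infoboard->unproof("unproof", $cat, $page, 3, $xid);
                refurl($iscon["lang"][117], "../".$infoboard->txtmod()."group".$iscon["_s"].$cat.$iscon["_s"]."0".$iscon["_s"]."1".$infoboard->extmod());
            } elseif ($ad) {
                refurl($iscon["lang"][157], "../".$infoboard->txtmod()."group".$iscon["_s"].$cat.$iscon["_s"]."0".$iscon["_s"]."1".$infoboard->extmod());
            } else {
                if ($piccover) $spic="_piccover='".addslashes($piccover)."', _coverformat='".$picformat."',"; else $spic="";
                $fieldupdate="
_insert=_insert+1,
_ansname='".addslashes($name)."',
_anslevel='".$level."',
_ansuid='".$userid."',
_save='2',
$spic
_uppage='".addslashes($pnext)."',
_update='".$date."'
";
                if ($infoboard->tbupdate("_infoboardq", $fieldupdate, "_cid", $qid)) {
                    $infoboard->savecache($cat, $page);
                    refurl($iscon["lang"][105], "../".$infoboard->txtmod()."topic".$iscon["_s"].$cat.$iscon["_s"].$page.$iscon["_s"].$pnext.$infoboard->extmod());
                }
            } //active
        } //xid
        break;

    default:
}

// Fall-through for unknown actions and failed inserts: close and go back to the site root.
$infoboard->isclose();
refurl("", "../");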
?>